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AMENDMENTS TO THE CLAIMS: 

This listing of claims will replace all prior versions, and listings, of claims in the 
application: 

1. (Previously Amended) A computer/network interface device comprising: 
a first interface for receiving data from a first zone in a first zone data format; 
means for processing said received data through performance of a cryptographic 

operation on at least a portion thereof; 

a second interface for sending said processed data to a second zone in a second zone data 
format; and 

means arranged to pass said processed data exclusively from said processing means to 
said second interface. 

2. (Previously Amended) A computer/network interface device as in claim 1 further 
comprising: 

means arranged to convert said received data in said first zone data format into at least 
one data format other than said first zone data format prior to said data processing. 

3. (Previously Amended) A computer/network interface device as in claim 1 further 
comprising: 

means arranged to transform the data format of said received data from said first zone at 
least twice prior to said data processing. 
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4. (Previously Amended) A computer/network interface device as in claim 1 in 
which said first zone data format is packetized data, said device further comprising: 

means for reading at least one item of identification data from each packet; 
wherein said processing means is arranged to process each respective packet in 
dependence on each corresponding item of identification data. 

5. (Previously Amended) A computer/network interface device as in claim 4 
further comprising: 

a store for storing one or more rules, each rule being linked with at least one of item of 
identification data; wherein 

said processing means is arranged to process each packet in dependence upon the rule 
linked with the corresponding item(s) of identification data. 

6. (Previously Amended) A computer/network interface device as in claim 1 
wherein one of the first and second interfaces is suitable for connection to a host such that the 
data format utilized by such a connected interface is one utilized by the host. 

7. (Previously Amended) A computer/network interface device as claimed in claim 
5, wherein one of the first and second interfaces is suitable for connection to a host such that the 
data format utilized by such a connected interface is one utilized by the host in which, in 
response to receiving at least one control packet including at least an item of control 
identification data and control instructions through the interface not connected to the host and 
reading said item of control identification data from a control packet, said processing means is 
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arranged to change said rules in said store in dependence upon said corresponding control 
instructions. 

8. (Previously Amended^ A computer/network interface device comprising: 

a first interface for receiving data from a first authorized party in a first data format; 

means for processing said received data through performance of a computational 
operation on at least a portion thereof; 

a second interface for sending said processed data to a second authorized party in a 
second data format; 

means arranged to pass said processed data exclusively from said processing means to 
said second interface; 

wherein said operation performed by said processing means is such that if said sent 
processed data is intercepted by an unauthorized party, the recovery of said received data from 
said processed data is computationally unfeasible. 

9. (Previously Amended) A method of operating a computer/network interface 
device comprising: 

receiving data at a first interface from a first zone in a first zone data format; 
processing said received data through performance of a cryptographic operation on at 
least a portion thereof; 

passing said processed data exclusively from said processing means to a second interface; 

and 
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sending said processed data from said second interface to a second zone in a second zone 
data format. 

10. (Previously Amended) A method of operating a computer/network interface 
device as in claim 9 further comprising: 

converting said received data in said first zone data format into at least one further data 
format prior to said processing. 

1 1 . (Previously Amended) A method of operating a computer/network interface 
device as in claim 9 further comprising transforming the data format of said received data from 
said first zone at least twice prior to said processing. 

12. (Previously Am e nded) -A method of operating a computer/network interface 
device comprising: 

receiving data at a first interface from a first authorized party in a first data format; 
processing said received data through performance of a computational operation on at 
least a portion thereof; 

passing said processed data exclusively to a second interface; 

sending said processed data from said second interface to a second authorized party in a 
second data format; 

wherein said performance of said computational operation is such that if said sent 
processed data is intercepted by an unauthorized party, the recovery of said received data from 
said processed data is computationally unfeasible. 
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13. (Currently Amended) A oomputor/notworl ch ost/network interface 
devieea pparatus comprising: 

a first port for communication with said comput e r host using a oomputo r an interna) data 
format used internally bv said host ; 

a second port for communication with said network using a network data format; 

means for processing data received from at least one of said ports through performance of 
a cryptographic operation on at least a portion of said received data; and 

means arranged to pass said processed data exclusively from said means for processing to 
the other of said ports. 

14. (Currently Amended) A computor/networ k host/network interface device as in 
claim 13 further comprising: 

means arranged to convert said received data in either said oomput e ri ntemal data format 
or said network data format into at least one data format other than said computo r intemal data 
format or network data format prior to said data processing. 

15. (Currently Amended) A comput e r/networ kh ost/network interface device as in 
claim 13 further comprising: 

means arranged to transform the data format of said received data from said 
compui e ri mernal data format or network data format at least twice prior to said data processing. 

16. (Currently Amended) A oomputer/n e twor k host/network interface device as in 
claim 13 in which said oompute ri ntemal data format or network data format is packetized data, 
said device further comprising: 
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means for reading at least one item of identification data from each packet; 
wherein said processing means is arranged to process each respective packet in 
dependence on each corresponding item of identification data. 

17. (Currently Amended) A computer/n e twork host network interface device as in 
claim 16 further comprising: 

a store for storing one or more rules, each rule being linked with at least one of item of 
identification data; 

wherein said processing means is arranged to process each packet in dependence upon 
the rule linked with the corresponding item(s) of identification data. 

18. (Currently Amended) A computer networ k host/network interface device as in 
claim 17 in which, in response to receiving at least one control packet including at least an item 
of control identification data and control instructions through said second port and reading said 
item of control identification data from a control packet, said processing means is arranged to 
change said rules in said store in dependence upon said corresponding control instructions. 

1 9. (Previously Presented) A computer/network interface device comprising: 

a first port for receiving data from a first authorized party in a computer data format; 
a second port for sending processed data to a second authorized party in a network data 

format; 

means for processing data received from at least one of said ports through performance of 
a computational operation on at least a portion of said received data; and 
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means arranged to pass said processed data exclusively from said processing means to the 
other of said ports; 

wherein said operation performed by said processing means is such that if said sent 
processed data is intercepted by an unauthorized party, the recovery of said received data from 
said processed data is computationally unfeasible. 

20. (Previously Presented) A method of operating a computer/network interface 
device comprising: 

receiving data at a first port from a first authorized party in a computer data format; 

processing said received computer data through performance of a cryptographic operation 
on at least a portion thereof; 

passing said processed data exclusively from said processing means to a second port; and 

sending said processed data from said second port to a second authorized party in a 
network data format. 

21 . (Previously Presented) A method of operating a computer/network interface 
device as in claim 20 further comprising: 

converting said received data in said computer data format into at least one further data 
format prior to said processing. 

22. (Previously Presented) A method of operating a computer/network interface 
device as in claim 20 further comprising transforming the data format of said received data from 
said first authorized party at least twice prior to said processing. 
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23. (Previously Presented) A method of operating a computer/network interface 
device comprising: 

receiving data at a first port from a first authorized party in a computer data format; 
processing said received data through performance of a computational operation on at 
least a portion thereof; 

passing said processed data exclusively to a second port; 

sending said processed data from said second port to a second authorized party in a 
network data format; 

wherein said performance of said computational operation is such that if said sent 
processed data is intercepted by an unauthorized party, the recovery of said received data from 
said processed data is computationally unfeasible. 

24. (New) A host/network interface apparatus adapted to be plugged into a host, said 
apparatus comprising: 

a first port for communications with said host using an internal data formal used 
internally by said host; 

a second port for communications with said network using a network data format; 

means for processing data received from at least one of said ports through performance of 
a cryptographic operation on at least a portion of said received data; and 

means arranged to pass said processed data exclusively from said processing means to the 
other of said ports. 
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